Using Proxmox 7.2.3, Freeswitch will run in lxc privileged container. Freeswitch will not run in lxc unprivileged container without commenting out IOSchedulingClass=realtime in /lib/systemd/system/freeswitch.service

How can Freeswitch be run in lxc unprivileged container without changing IOSchedulingClass ?

CT container template debian-11-standard_11.3-1_amd64.tar.zst shows the following output errors:

root@deb11fstest:~# freeswitch -c
ERROR: Failed to set SCHED_FIFO scheduler (Operation not permitted)

journalctl -xe

May 22 21:00:32 deb11fstest systemd[1]: Starting freeswitch…
– Subject: A start job for unit freeswitch.service has begun execution
– Defined-By: systemd
– Support: Debian -- User Support

– A start job for unit freeswitch.service has begun execution.

– The job identifier is 1686.
May 22 21:00:32 deb11fstest systemd[125577]: freeswitch.service: Failed to set up CPU scheduling: Operation not permitted
May 22 21:00:32 deb11fstest systemd[125577]: freeswitch.service: Failed at step SETSCHEDULER spawning /bin/mkdir: Operation not permitted
– Subject: Process /bin/mkdir could not be executed
– Defined-By: systemd
– Support: Debian -- User Support

– The process /bin/mkdir could not be executed and failed.

– The error number returned by this process is ERRNO.
May 22 21:00:32 deb11fstest systemd[1]: freeswitch.service: Control process exited, code=exited, status=214/SETSCHEDULER
– Subject: Unit process exited
– Defined-By: systemd
– Support: Debian -- User Support

– An ExecStartPre= process belonging to unit freeswitch.service has exited.

– The process’ exit code is ‘exited’ and its exit status is 214.
May 22 21:00:32 deb11fstest systemd[1]: freeswitch.service: Failed with result ‘exit-code’.
– Subject: Unit failed
– Defined-By: systemd
– Support: Debian -- User Support

– The unit freeswitch.service has entered the ‘failed’ state with result ‘exit-code’.
May 22 21:00:32 deb11fstest systemd[1]: Failed to start freeswitch.
– Subject: A start job for unit freeswitch.service has failed
– Defined-By: systemd
– Support: Debian -- User Support

– A start job for unit freeswitch.service has finished with a failure.

– The job identifier is 1686 and the job result is failed.
May 22 21:00:32 deb11fstest systemd[1]: freeswitch.service: Scheduled restart job, restart counter is at 3.
– Subject: Automatic restarting of a unit has been scheduled
– Defined-By: systemd
– Support: Debian -- User Support

– Automatic restarting of the unit freeswitch.service has been scheduled, as the result for
– the configured Restart= setting for the unit.
May 22 21:00:32 deb11fstest systemd[1]: Stopped freeswitch.
– Subject: A stop job for unit freeswitch.service has finished
– Defined-By: systemd
– Support: Debian -- User Support

– A stop job for unit freeswitch.service has finished.

If you can run LXD then you may find that the syscall interception of sched_setscheduler is helpful?

I appreciate your message and I will look into testing and running freeswitch on lxd once I get an environment setup for it.

Currently I still have freeswitch in lxc on proxmox and was trying to exhaust all possibilities of getting freeswitch running unprivileged without impacting freeswitch’s IOSchedulingClass, IOSchedulingPriority, and CPUSchedulingPolicy settings.

I was searching and found your posts from last year where you posted you were able to successfully run freeswitch unprivileged. Granting access to kernel capabilities and keep default ones - #2 by stgraber

On proxmox I edited /etc/pve/lxc/<container_id>.conf and added what you suggested before in the above link:
lxc.prlimit.nice: -20
lxc.prlimit.nofile: 1024:999999

Unfortunately, after rebooting the lxc I see same errors in freeswitch lxc container whenever I try to
systemctl start freeswitch
or
systemctl restart freeswitch

However, in the current iteration of configuring a freeswitch lxc container I am able to run
freeswitch -c
which does successfully get freeswitch running and connects me to the console. In the proxmox host console running top I do see freeswitch running with nice -10.

That is for process nice but not set scheduler. I suspect you will need to modify freeswitch config to avoid trying to set the scheduler.